I'm trying to use self-service password reset for my tenant in Azure AD B2C, but for some reason the verification of email needs to be done twice after you click on the "Forgot your password?" link. Any idea why?
Is this happening every time? Have you tried the email verification for any other user account? I have tried this on my local account with a guest user and I received only one email.
Thanks
Saurabh
Yes, but this is because MFA is activated. So when the MFA is activated for the self-service password reset for a SignIn (Recommended) user flow you have to verify the e-mail twice.
Is there any way I can disable MFA for the self-service password reset flow and not for login?
Have you tried disabling the MFA enforcement on the Password reset user flow in your Azure AD B2C directory?
Thanks
Saurabh
I have received confirmation from the products team, and this is the default behavior that you are experiencing. You are seeing the MFA coming up twice while resetting the password using the SSPR for B2C using the SignUp-SignIn policies, as the default behavior for the Password Reset flow (through SignUp-SignIn policies) is that you need to put in your email and get the code sent to your email, and once the code is entered on the B2C password reset page, you would be asked to enter the new password and confirm the new password. But if you enable MFA for your SignUp-SignIn policy and then try to reset the password, you would first go by the default flow for SSPR, i.e., enter your email address and get the code sent to your email, and second, once you enter the code, the next page is the MFA page, which would bring up the MFA method that is selected in the SignUp-SignIn policy.
In case you want to update this behavior, you would have to use the custom policies.
Please let me know if you have any questions.
Thanks
Saurabh
Can you expand on this, please? What specific change needs to be enabled on the custom policy?